4493441
4493474
4493464
4493509
4493470

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface, obtain sensitive information, bypass security restrictions, gain privileges, cause denial of service.

Below is a complete list of vulnerabilities:

1. A memory corruption vulnerability in Chakra Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code.
2. An information disclosure vulnerability in Open Enclave SDK can be exploited remotely to obtain sensitive information.
3. An elevation of privilege vulnerability in Azure DevOps Server can be exploited remotely via specially crafted request to gain privileges.
4. A memory corruption vulnerability in Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code.
5. A denial of service vulnerability in ASP.NET Core can be exploited remotely via specially crafted requests to cause denial of service.
6. A spoofing vulnerability in Azure DevOps Server can be exploited remotely via specially crafted payload to spoof user interface.

ChakraCore
Microsoft Edge
Open Enclave SDK
Azure DevOps Server 2019
ASP.NET Core 2.2

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)